ConnectSecure Workshop

Beyond Patching: Risk-First Vulnerability Management

Register Now
ConnectSecure Workshop

Beyond Patching: Risk-First Vulnerability Management



Register Now

Lead the Shift from reactive security to modern risk reduction

Move beyond reactive security, patching, and traditional perimeter thinking. This 2.5-hour workshop is built for service providers ready to lead with structure and precision. You’ll learn how to deliver a comprehensive vulnerability management program—one that combines BIA-driven policy, prioritized remediation, and third-party risk management (TPRM) into a scalable, client-facing service. Through hands-on labs, real-world frameworks, and certification, you’ll walk away with the tools and confidence to start reducing risk under modern security leadership.

Register Now
workshop

Join the workshop and receive a Risk-First VM Launch Kit

Leave the workshop with the tools you need: 

  • Vulnerability Management Program Template
  • Vulnerability Management Policy Template
  • Declination of Services Template / MSA Template
  • Marketing Brief (Client-Facing)
  • Slide Deck for Executive Overview

Moderators

Brian_Blakely

Brian Blakely
Chief Strategy Officer
Compliance Scorecard

ryan

Ryan Seymour
VP Consulting and Education
ConnectSecure

Panel Guests

austin_timberlake

Austin Timberlake
DFIR & vCISO
Cyber74

Jeremy_Pogue

Jeremy Pogue
Director of Security Services
Integris

Justin_Parker

Justin Parker
Manager, Technical Accounts
Meriplex

Workshop Agenda

Duration Segment Objective Speaker
0:00 – 0:05 Kickoff Welcome, introductions, and a look ahead at the agenda Ryan, Brian, Panel
0:05 – 0:35 Risk-First VM Foundations Redefine vulnerability management through a risk-first lens. Explore the foundational frameworks that support modenr service delivery—CIS, CDM, and patch management vs vulnerability management. Close with a walkthrough of the VM Program as the anchor for a scalable program. Ryan
0:35 – 1:05 BIA-Driven Policy Building Learn how to map business impact into tchnical policy. This session walks through ligning asset criticality with BIA outputs to define risk tiers, policy boundaries, and decision logic that suppports measurable vulnerability management outcomes. We also discuss the impact and rise of Third-Party Risk Management (TPRM) Brian
1:05 – 1:15 Prioritization Strategies Turn risk data into action. Learn how to combine BIA-driven risk tiers with external threat intelligence (EPSS, KEV, etc.) to build defensible prioritization models and structurered alerting strategies. Ryan, Brian
1:15 – 1:25 Break 1 Refresh and reset
1:25 – 1:45 Hands-On Lab: Vulnerability Management Apply Risk-first principles in a live environment. Execute scans, interpret results, and practice prioritization techniques using a hands-on vulnerability management policy. Group
1:45 – 2:00 Certification Assessment Demonstrate comprehension of core concepts through a scored knowledge check. Assessment reflects real-world service delivery scenarios, not just theory. Group
2:00 – 2:10 Break 2 Recharge before closing segments
2:10 – 2:25 MSP Panel: Lessons from the Field Hear firsthand how leading MSPs have implemented structured vulnerablility management, manage third-party threats, positioned risk-first thinking with clients, and evolved their service stack beyond patching. Panel
2:25 – 2:30 Wrap-Up & Certification Reinforce takeaways, issue credentials, and equip attendees with the tools needed to immediately activate a risk-first service—anchored by the launch kit provided. Panel
2:30 Q&A